Permissions & Authorization for Users #24

Initial Release; Includes Database and MVC refactoring

Disco.BI/BI/Interop/SignalRHandlers/AdminAuthorizedPersistentConnection.cs

@@ -1,16 +0,0 @@
-using Disco.Models.Repository;
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Text;
-using System.Threading.Tasks;
-
-namespace Disco.BI.Interop.SignalRHandlers
-{
-    public class AdminAuthorizedPersistentConnection : AuthorizedPersistentConnection
-    {
-        private string[] authorizedUserTypes = { User.Types.Admin };
-
-        protected override string[] AuthorizedUserTypes { get { return authorizedUserTypes; } }
-    }
-}

Disco.BI/BI/Interop/SignalRHandlers/AuthorizedPersistentConnection.cs

@@ -1,4 +1,5 @@
-using Microsoft.AspNet.SignalR;
+using Disco.Services.Users;
+using Microsoft.AspNet.SignalR;
 using System;
 using System.Collections.Generic;
 using System.Linq;
@@ -9,9 +10,9 @@ namespace Disco.BI.Interop.SignalRHandlers
 {
     public class AuthorizedPersistentConnection : PersistentConnection
     {
-        private string[] authorizedUserTypes = null;
+        private string authorizedClaim = null;
 
-        protected virtual string[] AuthorizedUserTypes { get { return authorizedUserTypes; } }
+        protected virtual string AuthorizedClaim { get { return authorizedClaim; } }
 
         protected override bool AuthorizeRequest(IRequest request)
         {
@@ -19,17 +20,15 @@ namespace Disco.BI.Interop.SignalRHandlers
                 return false;
             else
             {
-                var user = UserBI.UserCache.CurrentUser;
-                if (user == null)
-                    return false;
+                var authToken = UserService.CurrentAuthorization;
+                
+                if (authToken == null)
+                    return false; // No Current User
 
-                if (AuthorizedUserTypes == null || AuthorizedUserTypes.Length == 0)
-                    return true;
-
-                if (AuthorizedUserTypes.Contains(user.Type))
-                    return true;
-
-                return false;
+                if (authorizedClaim == null)
+                    return true; // Just Authenticate - no Authorization
+                else
+                    return authToken.Has(authorizedClaim);
             }
         }
     }

Disco.BI/BI/Interop/SignalRHandlers/HeldDeviceNotifications.cs

@@ -61,7 +61,7 @@ namespace Disco.BI.Interop.SignalRHandlers
         {
             User u = (User)e.Entity;
 
-            var userDevices = e.dbContext.Devices.Where(d => d.AssignedUserId == u.Id);
+            var userDevices = e.Database.Devices.Where(d => d.AssignedUserId == u.Id);
 
             foreach (var userDevice in userDevices)
             {

Disco.BI/BI/Interop/SignalRHandlers/LogNotifications.cs

@@ -1,4 +1,5 @@
-using Disco.Services.Logging;
+using Disco.Services.Authorization;
+using Disco.Services.Logging;
 using Disco.Services.Logging.Models;
 using Microsoft.AspNet.SignalR;
 using System;
@@ -9,10 +10,12 @@ using System.Threading.Tasks;
 
 namespace Disco.BI.Interop.SignalRHandlers
 {
-    public class LogNotifications : AdminAuthorizedPersistentConnection
+    public class LogNotifications : AuthorizedPersistentConnection
     {
         public static bool initialized = false;
 
+        protected override string AuthorizedClaim { get { return Claims.DiscoAdminAccount; } }
+
         public LogNotifications()
         {
             if (!initialized)

Disco.BI/BI/Interop/SignalRHandlers/RepositoryMonitorNotifications.cs

@@ -1,4 +1,5 @@
 using Disco.Data.Repository.Monitor;
+using Disco.Services.Authorization;
 using Microsoft.AspNet.SignalR;
 using System;
 using System.Collections.Generic;
@@ -8,8 +9,10 @@ using System.Threading.Tasks;
 
 namespace Disco.BI.Interop.SignalRHandlers
 {
-    public class RepositoryMonitorNotifications : AdminAuthorizedPersistentConnection
+    public class RepositoryMonitorNotifications : AuthorizedPersistentConnection
     {
+        protected override string AuthorizedClaim { get { return Claims.DiscoAdminAccount; } }
+
         public static void Initialize()
         {
             RepositoryMonitor.StreamAfterCommit.Subscribe(AfterCommit);

Disco.BI/BI/Interop/SignalRHandlers/ScheduledTasksStatusNotifications.cs

@@ -1,4 +1,5 @@
-using Disco.Services.Tasks;
+using Disco.Services.Authorization;
+using Disco.Services.Tasks;
 using Microsoft.AspNet.SignalR;
 using System;
 using System.Collections.Generic;
@@ -8,10 +9,12 @@ using System.Threading.Tasks;
 
 namespace Disco.BI.Interop.SignalRHandlers
 {
-    public class ScheduledTasksStatusNotifications : AdminAuthorizedPersistentConnection
+    public class ScheduledTasksStatusNotifications : AuthorizedPersistentConnection
     {
         public static bool initialized = false;
 
+        protected override string AuthorizedClaim { get { return Claims.DiscoAdminAccount; } }
+
         public ScheduledTasksStatusNotifications()
         {
             if (!initialized)

Disco.BI/BI/Interop/SignalRHandlers/UserHeldDeviceNotifications.cs

@@ -48,7 +48,7 @@ namespace Disco.BI.Interop.SignalRHandlers
 
             if (j.DeviceSerialNumber != null)
             {
-                var jobDevice = e.dbContext.Devices.Where(d => d.SerialNumber == j.DeviceSerialNumber).FirstOrDefault();
+                var jobDevice = e.Database.Devices.Where(d => d.SerialNumber == j.DeviceSerialNumber).FirstOrDefault();
 
                 if (jobDevice.AssignedUserId != null)
                     notificationContext.Connection.Broadcast(jobDevice.AssignedUserId);